3 matches found
CVE-2008-5901
iyzi Forum 1.0 beta 3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing a password via a direct request for db/iyziforum.mdb. NOTE: some of these details are obtained from third party informatio...
CVE-2008-5901
iyzi Forum 1.0 beta 3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing a password via a direct request for db/iyziforum.mdb. NOTE: some of these details are obtained from third party informatio...
CVE-2008-5901
CVE-2008-5901 affects iyzi Forum 1.0 beta 3, where sensitive information is stored under the web root with insufficient access control. A direct request to the file db/iyziforum.mdb can allow remote attackers to download the database, exposing passwords. The CVSS data (NVD) characterizes the impa...